Error 521. Webserver down...with sub domain in Caddy

My setup is designed to access local servers behind CGNAT, so no port forwarding is possible. Thus I use Caddy (origin) server with Cloudflare proxy so that when the local server connects via reverse autossh to Caddy, the subdomain establishes a connection back to the local server, for easy user login.

  1. First, the Cloudflare proxy mydomain1 (com) and sub mydomain1 (com) works with both pointing A records to same Caddy server public IP instance, and SSL as Full (No Rules), with the sub mydomain1 (com) pointing correctly to a local server behind CGNAT.

No other sub domains are configured.

** I really have to mangle my links as a beginner: what a stupid restriction by Cloudflare! And a great way to discourage newcomers with an enormous waste of time.

Caddyfile:
(Here 10022 is the remote port on Caddy connecting to local server port 8097 (dietpi Jellyfin))

```
{
	email myemail@example.com
	acme_ca https://acme-v02.api.letsencrypt.org/directory
}

mydomain1.com {
	root * /var/www/mydomain1.com
	file_server
	encode gzip

	# Other directives for your main domain, if needed
}

sub.mydomain1.com {
	reverse_proxy /* localhost:10022
}
```

The mydomain1 (com) is doing nothing. So I figured, why not use only a sub domain from another Cloudflare domain, instead of wasting a second domain!

  2. However, when I try to use another sub mydomain com A record pointing to Caddy public IP, but whose TLD, mydomain (com) is a website pointing A record to another public IP, and also configure Cloudflare DNS challenge, I keep getting the 521 Website (origin) down error.

Again Cloudflare SSL is set to Full, with no Rules for the sub mydomain (com).

There are other sub domains with CNAME pointing to duckdns, with Origin Rules configured to forward to port 8097 on another local server. These also have Configuration Rules for SSL Flexible, since, currently, the local (origin) server has no SSL. SSL Full setting on sub domains doesn’t allow connection.

Here is my Caddyfile:

```
{
	auto_https off
}

sub.mydomain.com {
	reverse_proxy /* localhost:10022

	# Uncomment the following line if you're using the DNS challenge with Cloudflare
	dns cloudflare {env.CF_API_TOKEN}
}
```

  3. So what is the problem with #2, and how to fix?
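An added example, not part of the thread and not Caddy's or Cloudflare's own code: a probe, run on or near the Caddy host, that connects to the origin the way Cloudflare's Full mode does (HTTPS, certificate not validated) and reports which edge error that outcome corresponds to. The function name `probe_origin`, the result labels and the command-line arguments are assumptions made for this example; a firewall that blocks only Cloudflare's addresses will not show up in a probe from another machine.

```python
import socket
import ssl

# Cloudflare edge error that corresponds to each probe outcome.
CF_ERROR = {
    "refused": "521 (origin refused the TCP connection: nothing is listening, or it was rejected)",
    "timeout": "522 (TCP connection to the origin timed out)",
    "no_tls": "525 (port is open but the TLS handshake failed)",
    "tls_ok": "none of 521/522/525 (the origin completes a TLS handshake)",
}


def probe_origin(host, port=443, sni=None, timeout=3.0):
    """Connect as Cloudflare Full mode does and classify the result."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"
    except (socket.timeout, TimeoutError):
        return "timeout"
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE  # Full (not Full strict) accepts any certificate
    try:
        with ctx.wrap_socket(sock, server_hostname=sni or host):
            return "tls_ok"
    except (ssl.SSLError, OSError):
        # Plain HTTP on the port, or the peer dropped the handshake.
        return "no_tls"
    finally:
        sock.close()


if __name__ == "__main__":
    import sys
    # Placeholder arguments, for example: 127.0.0.1 443 sub.mydomain.com
    host, port, sni = sys.argv[1], int(sys.argv[2]), sys.argv[3]
    result = probe_origin(host, port, sni)
    print(f"{host}:{port} -> {result}: Cloudflare would show {CF_ERROR[result]}")
```

A result of `refused` on port 443 means Caddy is not listening there at all, which is worth checking against Caddy's own startup log before looking at the Cloudflare side.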

Welcome to the Cloudflare Community.

No need to

Just wrap them in backticks, or for multiple lines such as your config excerpt, place three backticks on the line above and the line below.

Type `example.com` to get example.com and for configs do the following:

```
Your
multiple
line
config
```

becomes

Your
multiple
line
config

OK thanks !

Hello,

If this solution remedied your problem, can you please mark the post as a solution, for other community goers who may have issues with the same issue? If you are still having issues, please let us know. Take care.

What solution?

That was just question formatting, if you read it.

The reply from @eportillo also invited you to better explain how we can help. Between the runaway formatting, the obfuscated domains, and the complex setup (CGNAT, tunnels, origin rules to map ports), your original post is very hard to follow. Can you try explaining your issue more clearly and succinctly? Hopefully that will provide enough detail that someone will have a useful suggestion for you.
